XMLHttpRequest cannot load. No 'Access-Control-Allow-Origin' header is present on the requested resource.

I dont think the server is dening the request, it is the client borwser that for security does nto allow a request to be sent to a different domain (or sub domain). Depending of what you want to do JSONP migt be the way to solve it.

 

What are you calling on the Marketo side? Another form or the APIs?

Calling the leads.json API. I'm passing the "Access-Control-Allow-Origin": "*", headers and a few others to be extra verbose, but it's still not accepting the request.

I'm using this to generate the Access token: http://developers.marketo.com/blog/quick-start-guide-for-marketo-rest-api/,

I just realized though, that this token is probably not persistent, and probably needs to be recreated at regular intervals I'm guessing?  That's not the issue as non-expired tokens (which work in a REST console, or straight browser), but it's /an/ issue I need to fix.

Hey Ben,

What's you're reasoning for doing this client-side?  Exposing the access token to be client-facing opens you up to some serious security issues.  You should really only be executing this from the server side, and then sending any relevant data to the client with your page load.

Proof of concept for now to ensure that the integration is being done properly, and the data is being pushed across to the server properly. We'll move all this to server side as a next step, but quick and dirty on a non-public site this is the fastest way to ensure data is being passed correctly.

Tried it with php curl server-side and just get 500 errors, so something I'm doing still isn't functioning properly.

@Ben, you are correct. The token expires every hour, so it needs to be refreshed at a regular interval.